public abstract class AbstractCipherBean extends Object implements CipherBean
CiphertextHeader
containing metadata that
facilitates decryption.Constructor and Description |
---|
AbstractCipherBean()
Creates a new instance.
|
AbstractCipherBean(KeyStore keyStore,
String keyAlias,
String keyPassword,
Nonce nonce)
Creates a new instance by specifying all properties.
|
Modifier and Type | Method and Description |
---|---|
byte[] |
decrypt(byte[] input)
Decrypts the input data using a block cipher.
|
void |
decrypt(InputStream input,
OutputStream output)
Decrypts the data from the input stream onto the output stream using a
symmetric cipher.
|
byte[] |
encrypt(byte[] input)
Encrypts the input data using a symmetric cipher.
|
void |
encrypt(InputStream input,
OutputStream output)
Encrypts the data from the input stream onto the output stream using a
symmetric cipher.
|
String |
getKeyAlias() |
KeyStore |
getKeyStore() |
Nonce |
getNonce() |
protected SecretKey |
lookupKey(String alias)
Looks up secret key entry in the
keyStore . |
protected abstract byte[] |
process(CiphertextHeader header,
boolean mode,
byte[] input)
Processes the given data under the action of the cipher.
|
protected abstract void |
process(CiphertextHeader header,
boolean mode,
InputStream input,
OutputStream output)
Processes the given data under the action of the cipher.
|
void |
setKeyAlias(String keyAlias)
Sets the keystore entry alias used to locate the current encryption key.
|
void |
setKeyPassword(String keyPassword)
Sets the password used to access the encryption key.
|
void |
setKeyStore(KeyStore keyStore)
Sets the keystore containing encryption/decryption key(s).
|
void |
setNonce(Nonce nonce)
Sets the nonce/IV generation strategy.
|
public AbstractCipherBean()
public AbstractCipherBean(KeyStore keyStore, String keyAlias, String keyPassword, Nonce nonce)
keyStore
- Key store containing encryption key.keyAlias
- Name of encryption key entry in key store.keyPassword
- Password used to decrypt key entry in keystore.nonce
- Nonce/IV generator.public void setKeyStore(KeyStore keyStore)
SecretKey
entry whose alias is given by setKeyAlias(String)
, which will be used at the encryption key. It may
contain additional symmetric keys to support, for example, key rollover
where some existing ciphertexts have headers specifying a different key. In
general all keys used for outstanding ciphertexts should be contained in
the keystore.keyStore
- Keystore containing encryption key(s).public String getKeyAlias()
public void setKeyAlias(String keyAlias)
keyAlias
- Alias of SecretKey
used for encryption.public void setKeyPassword(String keyPassword)
keyPassword
- Encryption key password.public Nonce getNonce()
public void setNonce(Nonce nonce)
nonce
- Nonce generator.public byte[] encrypt(byte[] input)
encrypt
in interface CipherBean
input
- Plaintext data to encrypt.public void encrypt(InputStream input, OutputStream output)
The caller is responsible for providing and managing the streams (e.g. closing them when finished).
encrypt
in interface CipherBean
input
- Input stream containing plaintext data to encrypt.output
- Output stream containing ciphertext produced by cipher in
encryption mode.public byte[] decrypt(byte[] input)
decrypt
in interface CipherBean
input
- Ciphertext data to encrypt.public void decrypt(InputStream input, OutputStream output)
The caller is responsible for providing and managing the streams (e.g. closing them when finished).
decrypt
in interface CipherBean
input
- Input stream containing ciphertext data to decrypt.output
- Output stream containing plaintext produced by cipher in
decryption mode.protected SecretKey lookupKey(String alias)
keyStore
.alias
- Name of secret key entry.protected abstract byte[] process(CiphertextHeader header, boolean mode, byte[] input)
header
- Ciphertext header.mode
- True for encryption; false for decryption.input
- Data to process by cipher.protected abstract void process(CiphertextHeader header, boolean mode, InputStream input, OutputStream output)
header
- Ciphertext header.mode
- True for encryption; false for decryption.input
- Stream containing input data.output
- Stream that receives output of cipher.Copyright © 2016 JBoss by Red Hat. All rights reserved.